package com.zcj.demo.config;

import com.zcj.demo.utils.RedisUtils;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.mindrot.jbcrypt.BCrypt;
import org.springframework.beans.factory.annotation.Autowired;

/**
 * shiro自定义密码比较器
 *
 * @author 68300119
 * @Date 2021/3/1
 **/
public class BCryptCredentialsMatcher implements CredentialsMatcher {

    @Autowired
    private RedisUtils redisUtils;

    @Override
    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
        EasyTypeToken user = (EasyTypeToken) token;
        // 手机号登录跳过密码验证
        if (LoginType.PHONE.equals(user.getType())) {
            return true;
        }
        //获得用户输入的密码
        String inPassword = new String(user.getPassword());
        //获得数据库中的密码
        String dbPassword = (String) info.getCredentials();
        // 密码比对
        return BCrypt.checkpw(inPassword, dbPassword);
    }
}

